[00:22] hi guys
[00:22] "quick" question about meltdown: I understand how to read anything from the kernel by getting its content byte per byte
[00:23] what I don't understand is how to escape from a virtual machine
[00:23] hence the question: how two virtual machines address spaces are isolated from each other in the iommu?
[00:24] I realize the question might not make any sense and I could be missing something
=== Elimin8r is now known as Elimin8er
[14:13] i'm working on backporting the 4.14 KPTI patches to ubuntu 4.13 artful kernel, any ubuntu kernel devs interested in collaborating? or any existing efforts i can join?
[14:16] dsd, we're trying hard to get that done
[14:17] apw: can we work together?
[14:17] i have explored 2 approaches:
[14:18] 1. take the stable queue 4.9 patches and apply to 4.13. result: looks pretty difficult, too many changes between 4.9 and 4.13, especially the 5 level page tables. i put this idea on pause after doing a couple of the patches
[14:19] 2. take 4.14 stable patches and apply on artful kernel. there are basically 3 batches of patches to deal with. i have just completed the first batch (from 4.14.9) and it compiles
[14:19] feeling more positive about that approach - hopefully just need to do that another 2 times and then pray that it boots
[14:20] well we have been looking at the 2. form as well
[14:22] looking or doing? would it be useful for me to share what i've done so far, or is there any work in progress that can be shared from your side?
[14:26] we have something in testing, just not sure how complete it is right now
[14:28] sorry very distracted
[14:28] happy to take a look if you publish it somewhere
[14:28] will try and get back to you in a bit
[14:29] ok, i'll also push what i've done in case it is useful, just a min
=== ben_r_ is now known as ben_r
[14:44] https://github.com/endlessm/linux/tree/artful-kpti and notes https://gist.github.com/dsd/f98a8f1a15f701934ece3e70c9b8fb0a
[17:46] tseliot, hi, I guess you are already aware of this nvidia-blob problem https://devtalk.nvidia.com/default/topic/1028222/linux/lts-kernel-patch-for-intel-cpu-vulnerability-breaks-nvidia-driver/post/5230546/#5230546
[18:03] apw: our updated kernel may hit that nvidia issue ^
[18:09] Interestingly, I did not hit that bug. It compiled fine (387.34, 4.14.11) for me.
[18:10] mamarley, the archive contains 384
[18:10] The guy in the thread says 387 failed to compile though.
[18:11] maybe it depends on which of the patch-set was included? there have been some recent commits since 4.14.11 was published
[18:11] apw: regarding the nvidia issue, the only thing I can spot is the addition of the __visible attribute to cpu_tlbstate in https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6fd166aae78c0ab738d49bda653cbd9e3b1491cf
[19:34] ricotz: sigh... no, I didn't look into that